Hey everyone, I’m having trouble setting up HTTPS for my workflow automation tool. It’s running on a custom port (5678) on my main domain. I’ve tried to force HTTPS across the site, but it’s not working.
I’m using a VPS with CentOS 7 and CyberPanel. The tool is installed via Docker. Everything works fine over HTTP, but HTTPS is giving me headaches.
My setup includes:
CyberPanel 2.3
Docker 23.0.1
PHP 7.4.33
Apache 2.4.6
I’ve got Let’s Encrypt SSL for my domain, but can’t figure out how to apply it to this specific port. Any ideas on how to secure this custom port? I’m fairly new to VPS management, so simpler solutions would be great. Thanks!
have u tried configuring a reverse proxy in apache? that might help. basically u set up a virtual host that forwards traffic from a subdomain to ur custom port. then u can apply ssl to the subdomain. its not too complicated, just need to tweak some apache configs. lemme know if u want more details!
I faced a similar issue with securing a service on a custom port. In my case, I used Nginx as a reverse proxy to handle SSL termination. I installed Nginx on my VPS and configured a server block to forward requests from a secure subdomain to my service running on the custom port. This eliminated the need for the Docker container to manage SSL directly. I also made sure to bind the container to localhost for enhanced security. This approach proved reliable and simplified the entire configuration process.
Have you considered using a Docker-aware reverse proxy like Traefik? It can automatically handle SSL termination and routing for your containerized apps. You’d need to add some labels to your Docker container and configure Traefik to watch your Docker socket. This approach keeps things contained within your Docker environment and can be easier to manage than traditional web servers for this use case.
Alternatively, you could look into using Docker’s built-in support for TLS. This involves creating a certificate and key, then configuring your Docker daemon to use them. It’s a bit more complex but gives you fine-grained control over the encryption between your client and the Docker daemon.
Both methods avoid messing with your main Apache setup and keep the solution closer to your Docker environment.